<?php

namespace app\platform\system\middleware;

use app\common\middleware\BaseAuthMiddleware;
use app\platform\system\service\AdminService;
use app\platform\system\service\PlatformAuthService;
use common\service\AuthService;
use support\exception\BadException;
use support\utils\UserUtil;
use Webman\Http\Request;

class PlatformAuthMiddleware extends BaseAuthMiddleware
{

    protected function checkAndSetRequest(Request $request)
    {
        PlatformAuthService::checkAndSetRequest($request, $this->token);
    }

    protected function checkAuthRight(Request $request, callable $handler)
    {
        $authority = AdminService::getLoginAuthority(UserUtil::getUid());
        if (in_array(self::$allAuthStr, $authority)) {
            //超级权限 不需要鉴权
            return $handler($request);
        }
        $flag = AuthService::checkAuth($request, $authority, $this->method);

        if (!$flag) {
            throw new BadException("当前登录人无该接口权限:" . $request->path());
        }
        return $handler($request);
    }
}
